package auth

import (
	jwt "github.com/appleboy/gin-jwt/v2"
	"github.com/gin-gonic/gin"
	"net/http"
)

func IsAdminAuth() gin.HandlerFunc {
	return func(ctx *gin.Context) {
		claims, _ := ctx.Get("JWT_PAYLOAD")
		currentUser := claims.(jwt.MapClaims)

		AuthorityId, ok := currentUser["AuthorityId"].(float64)
		if ok != true {
			ctx.JSON(http.StatusForbidden, gin.H{
				"msg": "无权限",
			})
			ctx.Abort()
			return
		}

		if AuthorityId != 2 { // 内部定义的  需要在jwt 生成的时候 写入这个字段
			ctx.JSON(http.StatusForbidden, gin.H{
				"msg": "无权限",
			})
			ctx.Abort()
			return
		}
		ctx.Next()
	}
}
